Download
| Alert*
oval:gov.nist.usgcb.vista:def:8034
Auditing of "Policy Change: Audit Policy Change" events on success should be enabled or disabled as appropriate. oval:gov.nist.usgcb.vista:def:8020 Auditing of "Logon/Logoff: Logon" events on success should be enabled or disabled as appropriate. oval:gov.nist.usgcb.vista:def:8008 Auditing of "Detailed Tracking: Process Creation" events on success should be enabled or disabled as appropriate. oval:gov.nist.usgcb.vista:def:10010 Fax Service State oval:gov.nist.usgcb.vista:def:3366994 Display Error Notification oval:gov.nist.usgcb.vista:def:6007 This policy setting determines the length of time that must pass before a locked account is unlocked and a user can try to log on again. oval:gov.nist.usgcb.vista:def:6106 Determines if an anonymous user can request security identifier (SID) attributes for another user. oval:gov.nist.usgcb.vista:def:6672 Registry Policy Processing oval:gov.nist.usgcb.vista:def:6661 Turn on Responder (RSPNDR) driver oval:gov.nist.usgcb.vista:def:6667 Allow remote access to the PnP interface oval:gov.nist.usgcb.vista:def:8005 Auditing of "Account Management: Security Group Management" events on success should be enabled or disabled as appropriate. oval:gov.nist.usgcb.vista:def:6071 Network access: Do not allow anonymous enumeration of SAM accounts and shares oval:gov.nist.usgcb.vista:def:6122 This setting controls the ability of non-administrators to install updates that have been digitally signed by the application vendor. oval:gov.nist.usgcb.vista:def:6036 Domain member: Disable machine account password changes oval:gov.nist.usgcb.vista:def:6600 Set client connection encryption level oval:gov.nist.usgcb.vista:def:6679 Turn Off Internet Connection Wizard if URL Connection is Referring to Microsoft.com oval:gov.nist.usgcb.vista:def:6022 The built-in Administrator account should be correctly named. oval:gov.nist.usgcb.vista:def:6117 If this setting is enabled any additional data requests from Microsoft in response to a Windows Error Reporting event will be automatically declined without notice to the user. oval:gov.nist.usgcb.vista:def:8088 Switch to the secure desktop when prompting for elevation oval:gov.nist.usgcb.vista:def:6694 Turn on session logging oval:gov.nist.usgcb.vista:def:116 MSS: (NoDefaultExempt) Enable NoDefaultExempt for IPSec Filtering oval:gov.nist.usgcb.vista:def:6638 The "Force shutdown from a remote system (SeRemoteShutdownPrivilege)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6566 RPC Endpoint Mapper Client Authentication oval:gov.nist.usgcb.vista:def:6075 Network access: Remotely accessible registry paths oval:gov.nist.usgcb.vista:def:6004 This policy setting checks all new password to ensure that they meet basic requirements for strong password. oval:gov.nist.usgcb.vista:def:8089 Virtualize file and registry write failures to per-user locations oval:gov.nist.usgcb.vista:def:6003 This policy setting determines the number of days that you must use a password before you can change it. oval:gov.nist.usgcb.vista:def:6666 Prohibit Access of the Windows Connect Now Wizards oval:gov.nist.usgcb.vista:def:6053 Microsoft network server: Disconnect clients when logon hours expire oval:gov.nist.usgcb.vista:def:6063 MSS: (NtfsDisable8dot3NameCreation) Enable the computer to stop generating 8.3 style filenames (recommended) oval:gov.nist.usgcb.vista:def:6609 The "Act as part of the operating system (SeTcbPrivilege)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6662 Turn Off Microsoft Peer-to-Peer Networking Services oval:gov.nist.usgcb.vista:def:6563 Offer Remote Assistance oval:gov.nist.usgcb.vista:def:6607 The "Access this computer from the network (SeNetworkLogonRight)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6047 Microsoft network client: Digitally sign communications (always) oval:gov.nist.usgcb.vista:def:6104 System objects: Require case insensitivity for non-Windows subsystems oval:gov.nist.usgcb.vista:def:6097 Network Security: Minimum session security for NTLM SSP based (including secure RPC) servers oval:gov.nist.usgcb.vista:def:6026 Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings oval:gov.nist.usgcb.vista:def:6068 MSS: (TCPMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default) oval:gov.nist.usgcb.vista:def:6038 Domain member: Require strong (Windows 2000 or later) session key oval:gov.nist.usgcb.vista:def:6008 This security setting determines the number of failed logon attempts that causes a user account to be locked out. A locked-out account cannot be used until it is reset by an administrator or until the lockout duration for the account has expired. You can set a value between 0 and 999 failed logon at ... oval:gov.nist.usgcb.vista:def:6648 Administrators may manage the auditing and security log oval:gov.nist.usgcb.vista:def:6669 Do not send a Windows Error Report when a generic driver is installed on a device oval:gov.nist.usgcb.vista:def:612261221 Do Not Show First Use Dialog Boxes This policy prevents the Privacy Options and Installation Options dialog boxes from being displayed the first time a user starts Windows Media Player. This policy prevents the dialog boxes which allow users to select privacy, file types, and other desktop options f ... oval:gov.nist.usgcb.vista:def:6005 This policy setting determines whether the operating system stores passwords in a way that uses reversible encryption, which provides support for application protocols that require knowledge of the user's password for authentication purposes. oval:gov.nist.usgcb.vista:def:6616 The "Allow log on through Terminal Services (SeRemoteInteractiveLogonRight)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6623 The "Change the system time (SeSystemTimePrivilege)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6647 The log-on-as-a-service user right should be assigned to the correct accounts. oval:gov.nist.usgcb.vista:def:6049 Microsoft network client: Send unencrypted password to third-party SMB servers oval:gov.nist.usgcb.vista:def:6095 Network Security: LDAP client signing requirements oval:gov.nist.usgcb.vista:def:6050 Microsoft network server: Amount of idle time required before suspending session oval:gov.nist.usgcb.vista:def:6568 Turn off Internet download for Web publishing and online ordering wizards oval:gov.nist.usgcb.vista:def:8026 Auditing of "Object Access: File System" events on success should be enabled or disabled as appropriate. oval:gov.nist.usgcb.vista:def:6634 The "Deny log on locally (SeDenyInteractiveLogonRight)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6094 Network Security: LAN Manager Authentication Level oval:gov.nist.usgcb.vista:def:6101 Shutdown: Clear Virtual Memory Pagefile oval:gov.nist.usgcb.vista:def:8084 Detect application installations and prompt for elevation oval:gov.nist.usgcb.vista:def:6059 MSS: (KeepAliveTime)How often keep-alive packets are sent in milliseconds oval:gov.nist.usgcb.vista:def:6654 The "Replace a process level token (SeAssignPrimaryTokenPrivilege)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6120 Disable IE security prompt for Windows Installer scripts oval:gov.nist.usgcb.vista:def:6118 Turn off Heap termination on corruption oval:gov.nist.usgcb.vista:def:6023 The built-in Guest account should be correctly named. oval:gov.nist.usgcb.vista:def:6002 This policy setting defines how long a user can use their password before it expires. oval:gov.nist.usgcb.vista:def:6027 Audit: Shut down system immediately if unable to log security audits oval:gov.nist.usgcb.vista:def:8035 Auditing of "Policy Change: Authentication Policy Change" events on success should be enabled or disabled as appropriate. oval:gov.nist.usgcb.vista:def:6072 Network access: Do not allow storage of credentials or .NET Passports for network authentication oval:gov.nist.usgcb.vista:def:6054 MSS: (AutoAdminLogon) Enable Automatic Logon (not recommended) oval:gov.nist.usgcb.vista:def:6705 Prevent indexing uncached Exchange folders oval:gov.nist.usgcb.vista:def:6668 Do not create system restore point when new device driver installed oval:gov.nist.usgcb.vista:def:6064 MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended) oval:gov.nist.usgcb.vista:def:8081 Admin Approval Mode for the Built-in Administrator account oval:gov.nist.usgcb.vista:def:6074 Network access: Named Pipes that can be accessed anonymously oval:gov.nist.usgcb.vista:def:6123 Report when logon server was not available during user logon. oval:gov.nist.usgcb.vista:def:6613 The "Allow log on locally" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6625 The "Create a token object (SeCreateTokenPrivilege)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6124 Windows Mail will not check your newsgroup servers for Communities support. oval:gov.nist.usgcb.vista:def:8002 Auditing of "Account Management: Computer Account Management" events on success should be enabled or disabled as appropriate. oval:gov.nist.usgcb.vista:def:6096 Network Security: Minimum session security for NTLM SSP based (including secure RPC) clients oval:gov.nist.usgcb.vista:def:6571 Turn off printing over HTTP oval:gov.nist.usgcb.vista:def:6030 Devices: Prevent users from installing printer drivers oval:gov.nist.usgcb.vista:def:6572 Turn off downloading of print drivers over HTTP oval:gov.nist.usgcb.vista:def:6114 If this setting is enabled Windows Error Reporting events will not be logged to the system event log. oval:gov.nist.usgcb.vista:def:6658 The "Synchronize directory service data" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:8019 Auditing of "Logon/Logoff: Logoff" events on success should be enabled or disabled as appropriate. oval:gov.nist.usgcb.vista:def:6070 Network access: Do not allow anonymous enumeration of SAM accounts oval:gov.nist.usgcb.vista:def:6119 Turn off shell protocol protected mode oval:gov.nist.usgcb.vista:def:6006 This policy setting determines the least number of characters that make up a password for a user account. oval:gov.nist.usgcb.vista:def:6626 The "Create global objects (SeCreateGlobalPrivilege)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6726 You can use this policy setting to specify the maximum amount of time that a disconnected session is kept active on the server. By default, Terminal Services allows users to disconnect from a remote session without logging off and ending the session. (1 min) oval:gov.nist.usgcb.vista:def:6703 Turn Off Downloading of Game Information oval:gov.nist.usgcb.vista:def:6565 Restrictions for Unauthenticated RPC clients oval:gov.nist.usgcb.vista:def:6599 Always prompt client for password upon connection oval:gov.nist.usgcb.vista:def:6126 Prevents Windows Media Digital Rights Management (DRM) from accessing the Internet (or intranet). When enabled, Windows Media DRM is prevented from accessing the Internet (or intranet) for license acquisition and security upgrades. oval:gov.nist.usgcb.vista:def:6624 The "Create a pagefile (SeCreatePagefilePrivilege)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:8043 Auditing of "System: Ipsec Driver" events on success should be enabled or disabled as appropriate. oval:gov.nist.usgcb.vista:def:6641 The "Increase scheduling priority (SeIncreaseBasePriorityPrivilege)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:8087 Run all administrators in Admin Approval Mode oval:gov.nist.usgcb.vista:def:6640 The "Impersonate a client after authentication" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6653 The "Remove computer from docking station (SeUndockPrivilege)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6025 Audit: Audit the use of Backup and Restore privilege oval:gov.nist.usgcb.vista:def:6651 The "Profile single process (SeProfileSingleProcessPrivilege)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6021 Accounts: Limit local account use to blank passwords to console logon only oval:gov.nist.usgcb.vista:def:6105 System objects: Strengthen default permissions of internal system objects oval:gov.nist.usgcb.vista:def:8045 Auditing of "System: Security State Change" events on success should be enabled or disabled as appropriate. oval:gov.nist.usgcb.vista:def:6079 Network access: Sharing and security model for local accounts oval:gov.nist.usgcb.vista:def:6621 The "Bypass traverse checking (SeChangeNotifyPrivilege)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6657 The "Shut down the system (SeShutdownPrivilege)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6100 Shutdown: Allow System to be Shut Down Without Having to Log On oval:gov.nist.usgcb.vista:def:6061 MSS: (NoNameReleaseOnDemand) Allow the computer to ignore NetBIOS name release requests except from WINS servers oval:gov.nist.usgcb.vista:def:6037 Domain member: Maximum machine account password age oval:gov.nist.usgcb.vista:def:6129 Sidebar gadgets can be deployed as compressed files, either digitally signed or unsigned. If you enable this setting, Windows Sidebar will not extract any gadgets that have not been digitally signed. If you disable or do not configure this setting, Window oval:gov.nist.usgcb.vista:def:6564 Solicited Remote Assistance oval:gov.nist.usgcb.vista:def:6633 The "Deny log on as a service (SeDenyServiceLogonRight)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6069 MSS: (WarningLevel) Percentage threshold for the security event log at which the system will generate a warning oval:gov.nist.usgcb.vista:def:6062 MSS: (NtfsDisable8dot3NameCreation) Enable the computer to stop generating 8.3 style filenames (recommended) oval:gov.nist.usgcb.vista:def:6575 Enumerate administrator accounts on elevation oval:gov.nist.usgcb.vista:def:6639 The "Generate security audits (SeAuditPrivilege)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:8032 Auditing of "Object Access: Registry" events on success should be enabled or disabled as appropriate. oval:gov.nist.usgcb.vista:def:6024 Audit the access of global system objects is disabled oval:gov.nist.usgcb.vista:def:6080 Network security: Do not store LAN Manager hash value on next password change oval:gov.nist.usgcb.vista:def:8004 Auditing of "Account Management: Other Account Management Events" events on success should be enabled or disabled as appropriate. oval:gov.nist.usgcb.vista:def:6046 Interactive logon: Require Domain Controller authentication to unlock workstation oval:gov.nist.usgcb.vista:def:6612 The "Adjust memory quotas for a process (SeIncreaseQuotaPrivilege)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:8047 Auditing of "System: System Integrity" events on success should be enabled or disabled as appropriate. oval:gov.nist.usgcb.vista:def:8086 Only elevate UIAccess applications that are installed in secure locations oval:gov.nist.usgcb.vista:def:6102 System Cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing oval:gov.nist.usgcb.vista:def:6055 MSS: (DisableIPSourceRouting) IP source routing protection level (protects against packet spoofing) oval:gov.nist.usgcb.vista:def:6660 Turn on Mapper I/O (LLTDIO) driver is configured appropriately. oval:gov.nist.usgcb.vista:def:6039 Interactive logon: Do not display last user name oval:gov.nist.usgcb.vista:def:8042 Sensitive Privilege Use oval:gov.nist.usgcb.vista:def:6704 Allow indexing of encrypted files oval:gov.nist.usgcb.vista:def:6001 This policy setting determines the number of renewed, unique passwords that have to be associated with a user account before you can reuse an old password. oval:gov.nist.usgcb.vista:def:6681 Turn Off Registration if URL Connection is Referring to Microsoft.com oval:gov.nist.usgcb.vista:def:6130 Override the More Gadgets Lank oval:gov.nist.usgcb.vista:def:6031 Devices: Restrict CD-ROM access to locally logged-on user only oval:gov.nist.usgcb.vista:def:8022 Auditing of "Logon/Logoff: Special Logon" events on success should be enabled or disabled as appropriate. oval:gov.nist.usgcb.vista:def:6644 The "Log on as a batch job (SeBatchLogonRight)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6131 Turn Off User Installed Windows Sidebar Fidgets oval:gov.nist.usgcb.vista:def:6073 Network access: Let Everyone permissions apply to anonymous users oval:gov.nist.usgcb.vista:def:6033 Domain member: Digitally encrypt or sign secure channel data (when possible) oval:gov.nist.usgcb.vista:def:6057 MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes oval:gov.nist.usgcb.vista:def:6682 Turn Off the "Order Prints" Picture Task oval:gov.nist.usgcb.vista:def:6569 Turn off the Windows Messenger Customer Experience Improvement Program oval:gov.nist.usgcb.vista:def:6041 Interactive logon: Message text for users attempting to log on oval:gov.nist.usgcb.vista:def:6652 The "Profile system performance (SeSystemProfilePrivilege)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6098 Recovery Console: Allow Automatic Administrative Logon oval:gov.nist.usgcb.vista:def:6081 Network security: Force logoff when logon hours expire oval:gov.nist.usgcb.vista:def:6077 Network access: Restrict anonymous access to Named Pipes and Shares oval:gov.nist.usgcb.vista:def:6725 This policy setting allows you to specify the maximum amount of time that an active Terminal Services session can be idle (without user input) before it is automatically disconnected. (15 min) oval:gov.nist.usgcb.vista:def:6630 The "Deny access to this computer from the network (SeDenyNetworkLogonRight)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6045 Interactive logon: Require Domain Controller authentication to unlock workstation oval:gov.nist.usgcb.vista:def:6042 Interactive logon: Message title for users attempting to log on oval:gov.nist.usgcb.vista:def:6121 Permits users to change installation options that typically are available only to system administrators. This setting bypasses some of the security features of Windows Installer. oval:gov.nist.usgcb.vista:def:6044 Interactive logon: Prompt user to change password before expiration oval:gov.nist.usgcb.vista:def:612261222 Prevents users from being prompted to update Windows Media Player. This policy prevents the Player from being updated and prevents users with administrator rights from being prompted to update the Player if an updated version is available. The Check for Player Updates command on the Help menu in the ... oval:gov.nist.usgcb.vista:def:6566666 Disable ISATAP, Teredo, and 6to4 tunneling protocols oval:gov.nist.usgcb.vista:def:6043 Interactive logon: Number of previous logons to cache (in case domain controller is not available) oval:gov.nist.usgcb.vista:def:6032 Devices: Restrict Floppy access to locally logged-on user only oval:gov.nist.usgcb.vista:def:6649 The "Modify firmware environment values (SeSystemEnvironmentPrivilege)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6689 Require a Password when a Computer Wakes (On Battery) oval:gov.nist.usgcb.vista:def:6570 Turn off Search Companion content file updates oval:gov.nist.usgcb.vista:def:6665 Configuration of Wireless Settings Using Windows Connect Now oval:gov.nist.usgcb.vista:def:6631 The "Deny log on as a batch job (SeDenyBatchLogonRight)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:3366991 Prohibit installation and configuration of Network Bridge on your DNS domain network oval:gov.nist.usgcb.vista:def:6115 If this setting is enabled, Windows Error Reporting will not send any problem information to Microsoft. Additionally, solution information will not be available in the Problem Reports and Solutions control panel. oval:gov.nist.usgcb.vista:def:6686 Always Use Classic Logon oval:gov.nist.usgcb.vista:def:60771 Network access: Shares that can be accessed anonymously oval:gov.nist.usgcb.vista:def:6051 Microsoft network server: Digitally sign communications (always) oval:gov.nist.usgcb.vista:def:6680 The "Turn Off Internet File Association Service" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6659 The "Take ownership of files or other objects (SeTakeOwnershipPrivilege)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6595 Disable remote Desktop Sharing oval:gov.nist.usgcb.vista:def:243 This definition verifies that the Guest account is enabled/disabled based on the policy defined by the user. oval:gov.nist.usgcb.vista:def:6727 When Windows Defender detects software or changes by software not yet classified for risks, you see how other members responded to the alert. In turn, the action you apply help other members choose how to respond. Your actions also help Microsoft choose which software to investigate for potential th ... oval:gov.nist.usgcb.vista:def:6034 Domain member: Digitally encrypt or sign secure channel data (always) oval:gov.nist.usgcb.vista:def:8085 Only elevate executables that are signed and validated oval:gov.nist.usgcb.vista:def:6567 The "Turn off the 'Publish to Web' task for files and folders" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:8046 Auditing of "System: Security System Extension" events on success should be enabled or disabled as appropriate. oval:gov.nist.usgcb.vista:def:6596 Do not allow passwords to be saved oval:gov.nist.usgcb.vista:def:6676 Turn Off Handwriting Recognition Error Reporting oval:gov.nist.usgcb.vista:def:6056 MSS: (EnableDeadGWDetect) Allow automatic detection of dead network gateways (could lead to DoS) oval:gov.nist.usgcb.vista:def:6690 Require a Password when a Computer Wakes (Plugged) oval:gov.nist.usgcb.vista:def:6698 Do not allow Digital Locker to run oval:gov.nist.usgcb.vista:def:6683 Turn off Windows Error Reporting oval:gov.nist.usgcb.vista:def:6125 Denies or allows access to the Windows Mail application. If you enable this setting, access to the Windows Mail application is denied. If you disable or do not configure this setting, access to the Windows Mail application is allowed. oval:gov.nist.usgcb.vista:def:6628 The "Debug programs (SeDebugPrivilege)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6099 Recovery Console: Allow Floppy Copy and Access to All Drives and All Folders oval:gov.nist.usgcb.vista:def:6636 The "Deny log on through Terminal Services (SeDenyRemoteInteractiveLogonRight)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6675 Turn Off Event Views "Events.asp" Links oval:gov.nist.usgcb.vista:def:6048 Microsoft network client: Digitally sign communications (if server agrees) oval:gov.nist.usgcb.vista:def:8083 Behavior of the elevation prompt for standard users oval:gov.nist.usgcb.vista:def:8082 Behavior of the elevation prompt for administrators in Admin Approval Mode oval:gov.nist.usgcb.vista:def:6642 Administrators may load and unload device drivers oval:gov.nist.usgcb.vista:def:6655 The "Restore files and directories (SeRestorePrivilege)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6643 The "Lock pages in memory (SeLockMemoryPrivilege)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6650 The "Perform volume maintenance tasks (SeManageVolumePrivilege)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6617 The "Back up files and directories (SeBackupPrivilege)" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6627 The "Create permanent shared objects" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:242 This definition verifies that the Administrator account is enabled/disabled based on the policy defined by the user. oval:gov.nist.usgcb.vista:def:662391 The "Increase a process working set" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:6076 Network access: Remotely accessible registry paths and sub paths oval:gov.nist.usgcb.vista:def:100010 The 'Turn off game updates' setting should be configured correctly. oval:gov.nist.usgcb.vista:def:100013 The 'Do not delete temp folder upon exit' setting should be configured correctly. oval:gov.nist.usgcb.vista:def:100014 The 'Do not use temporary folders per session' setting should be configured correctly. oval:gov.nist.usgcb.vista:def:662371 The "Modify an object label" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:662381 The "Change the time zone" setting should be configured correctly. oval:gov.nist.usgcb.vista:def:20001 The Windows Vista 'Internet Information Services' feature should be turned on or off as appropriate. oval:gov.nist.usgcb.vista:def:20000 The Windows Vista 'Games' feature should be turned on or off as appropriate. oval:gov.nist.usgcb.vista:def:20003 The Windows Vista 'Telnet Client' feature should be turned on or off as appropriate. oval:gov.nist.usgcb.vista:def:20002 The Windows Vista 'SimpleTCP Services' feature should be turned on or off as appropriate. oval:gov.nist.usgcb.vista:def:20005 The Windows Vista 'TFTP Client' feature should be turned on or off as appropriate. oval:gov.nist.usgcb.vista:def:20004 Telnet Server is not installed oval:gov.nist.usgcb.vista:def:20006 The Windows Vista 'Windows Media Center' feature should be turned on or off as appropriate. oval:gov.nist.usgcb.vista:def:20020 This policy setting determines whether or not users can connect to the computer using Terminal Services. oval:gov.nist.usgcb.vista:def:20012 Allowing source routed network traffic allows attackers to obscure their identity and location. oval:gov.nist.usgcb.vista:def:20014 MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted (3 recommended, 5 is default). oval:gov.nist.usgcb.vista:def:20019 This setting was added to Windows Vista SP1 specifically to enable Remote Assistance. It allows certain applications stored in secure folders, such as system32, to bypass the secure desktop so that they can function as designed. Enabling this setting will lower security slightly but enable Remote As ... oval:gov.nist.usgcb.vista:def:100216 This audit policy reports the results of validation tests on credentials submitted for a user account logon request. oval:gov.nist.usgcb.vista:def:100213 The "No auto-restart for scheduled Automatic Updates installations oval:gov.nist.usgcb.vista:def:100212 do not display install updates and shut down oval:gov.nist.usgcb.vista:def:100215 configure windows time provider oval:gov.nist.usgcb.vista:def:100214 reschedule automatic updates oval:gov.nist.usgcb.vista:def:100205 do not process the run once list oval:gov.nist.usgcb.vista:def:100208 configure automatic updates oval:gov.nist.usgcb.vista:def:100066 The 'Enable/Disable PerfTrack' setting should be configured correctly. oval:gov.nist.usgcb.vista:def:100055 Default behavior for AutoRun oval:gov.nist.usgcb.vista:def:65741 Turn off Autoplay is set correctly. oval:gov.nist.usgcb.vista:def:6052 Microsoft network server: Digitally sign communications (if client agrees) oval:gov.nist.usgcb.vista:def:6040 Interactive logon: Do not require CTRL+ALT+DEL oval:gov.nist.usgcb.vista:def:6009 This policy setting determines the length of time before the Account lockout threshold resets to zero. oval:gov.nist.usgcb.vista:def:6035 Domain member: Digitally sign secure channel data (when possible) |